APT40: Chinese State Sponsored APT
June 5, 2025
APT40, also known as ATK29, BRONZE MOHAWK, G0065, GADOLINIUM, Gingham Typhoon, ISLANDDREAMS, ITG09, KRYPTONITE PANDA, Leviathan, MUDCARP, Red Ladon, TA423,
Threat Actors
APT40: Chinese State Sponsored APT
APT40, also known as ATK29, BRONZE MOHAWK, G0065, GADOLINIUM, Gingham Typhoon, ISLANDDREAMS, ITG09, KRYPTONITE PANDA, Leviathan, MUDCARP, Red Ladon, TA423, TEMP.Jumper, and TEMP.Periscope, is an ...
GhostSec: From Hacktivist Roots to RaaS Powerhouse
GhostSec evolved from anti-ISIS hacktivists into a global ransomware threat, deploying GhostLocker via RaaS and targeting critical infrastructure with sophisticated, multi-stage infiltration tactics.
Sodinokibi/REvil Ransomware: The Evasive Threat
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April ...
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics, techniques, and procedures (TTPs), providing ...
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance, for financial gain and potential ...
Everest Ransomware: Data Extortionist Turned Initial Access Broker
Everest ransomware, active since 2020, evolved from data extortion and ransomware to primarily acting as an Initial Access Broker (IAB), targeting healthcare providers.
Vice Society Ransomware: The Anti K-12 RaaS Syndicate
Vice Society, a prolific RaaS group, preys on schools and other institutions, deploying readily available ransomware and threatening data leaks unless ransoms are paid. Their ...
KillSec: Hacktivists Turned RaaS Syndicate
KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian victims over Western ones.
Qilin/Agenda Ransomware: The Credential Stealers
Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July ...
BianLian Ransomware: Shadow Data Extortion Group
The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have targeted critical infrastructure and private ...
GhostSec: From Hacktivist Roots to RaaS Powerhouse
June 4, 2025
GhostSec evolved from anti-ISIS hacktivists into a global ransomware threat, deploying GhostLocker via RaaS and targeting critical infrastructure with sophisticated,
Sodinokibi/REvil Ransomware: The Evasive Threat
May 5, 2025
Overview Sodinokibi, also known as REvil, is a highly prolific and sophisticated ransomware-as-a-service (RaaS) operation active since at least April
Qilin Ransomware: Tactics, Techniques, Procedures and Mitigation
April 23, 2025
Qilin ransomware, a potent threat emerging in 2022, has rapidly gained notoriety. This blog post delves into its advanced tactics,
Evil Corp (UNC2165): The Russian Syndicate Behind Global Cyber Chaos
April 22, 2025
Evil Corp, a prolific Russian cybercrime syndicate, deploys sophisticated malware and ransomware, targeting diverse sectors globally, including healthcare and finance,
Everest Ransomware: Data Extortionist Turned Initial Access Broker
April 9, 2025
Everest ransomware, active since 2020, evolved from data extortion and ransomware to primarily acting as an Initial Access Broker (IAB),
Vice Society Ransomware: The Anti K-12 RaaS Syndicate
April 8, 2025
Vice Society, a prolific RaaS group, preys on schools and other institutions, deploying readily available ransomware and threatening data leaks
KillSec: Hacktivists Turned RaaS Syndicate
April 4, 2025
KillSec, a Russia-linked RaaS group, targets healthcare and finance, leveraging OSINT and affiliates for extortion, showing a preference for Asian
Qilin/Agenda Ransomware: The Credential Stealers
March 20, 2025
Overview The Qilin ransomware group, also known as Agenda, is a Russia-based ransomware-as-a-service (RaaS) operation active since at least July
BianLian Ransomware: Shadow Data Extortion Group
March 5, 2025
The BianLian ransomware group represents a significant and growing threat to organizations worldwide. Operating with precision and stealth, they have
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.